package org.globus.ogsa.impl.security.authentication.wssec;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import javax.xml.namespace.QName;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEREncodableVector;
import org.bouncycastle.asn1.DERSequence;
import org.globus.gsi.CertUtil;
import org.globus.gsi.bc.BouncyCastleUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/globus/ogsa/impl/security/authentication/wssec/PKIPathSecurityToken.class */
public class PKIPathSecurityToken extends BinarySecurityToken {
    public static final QName TYPE = new QName(WSConstants.WSSE_NS, "PKIPath");

    public PKIPathSecurityToken(Element element) throws WSSecurityException {
        super(element);
        if (!getValueType().equals(TYPE)) {
            throw new WSSecurityException(4, "invalidValueType", new Object[]{TYPE, getValueType()});
        }
    }

    public PKIPathSecurityToken(Document document) {
        super(document);
        setValueType(TYPE);
    }

    public X509Certificate[] getX509Certificates(boolean z) throws GeneralSecurityException, IOException {
        byte[] token = getToken();
        if (token == null) {
            return null;
        }
        ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(BouncyCastleUtil.toDERObject(token));
        int size = aSN1Sequence.size();
        X509Certificate[] x509CertificateArr = new X509Certificate[size];
        for (int i = 0; i < size; i++) {
            x509CertificateArr[z ? (size - 1) - i : i] = CertUtil.loadCertificate(new ByteArrayInputStream(BouncyCastleUtil.toByteArray(aSN1Sequence.getObjectAt(i).getDERObject())));
        }
        return x509CertificateArr;
    }

    public void setX509Certificates(X509Certificate[] x509CertificateArr, boolean z) throws CertificateEncodingException, IOException {
        if (x509CertificateArr == null) {
            throw new IllegalArgumentException("data == null");
        }
        DEREncodableVector dEREncodableVector = new DEREncodableVector();
        if (z) {
            for (int length = x509CertificateArr.length - 1; length >= 0; length--) {
                dEREncodableVector.add(BouncyCastleUtil.toDERObject(x509CertificateArr[length].getEncoded()));
            }
        } else {
            for (X509Certificate x509Certificate : x509CertificateArr) {
                dEREncodableVector.add(BouncyCastleUtil.toDERObject(x509Certificate.getEncoded()));
            }
        }
        setToken(BouncyCastleUtil.toByteArray(new DERSequence(dEREncodableVector)));
    }
}
